package cn.enn.smart.check;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.security.authentication.CredentialsExpiredException;
import org.springframework.security.core.SpringSecurityMessageSource;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsChecker;

public class DefaultPostAuthenticationChecks implements UserDetailsChecker {

	private Logger logger = LoggerFactory.getLogger(DefaultPreAuthenticationChecks.class);

	protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();

	public void check(UserDetails user) {
		if (!user.isCredentialsNonExpired()) {
			logger.debug("User account credentials have expired");

			throw new CredentialsExpiredException(messages.getMessage(
					"AbstractUserDetailsAuthenticationProvider.credentialsExpired", "User credentials have expired"));
		}
	}
}
